Chapter 16 IPSec Commands
Table 61 Ipsec Commands (continued)
COMMAND | DESCRIPTION | M |
ipsec ipsecDisplay | Displays the specified IPSec rule. Or displays all | R+B |
| runtime IPSec rules without specifying a rule. Use |
|
| ipsecAdd or ipsecEdit to load an IPSec rule before |
|
| using this command. |
|
|
|
|
ipsec ipsecAdd | Allocates a working buffer to add an IPSec rule. | R+B |
ipsec ipsecEdit | Loads the specified IPSec rule for editing. | R+B |
ipsec ipsecSave | Saves the IPSec rule settings from the working | R+B |
| buffer to the |
|
ipsec ipsecList | Lists all IPSec rules. | R+B |
ipsec ipsecDelete | Deletes the specified IPSec rule. | R+B |
ipsec ipsecConfig name <name> | Sets the IPSec rule's name (up to 31 characters). | R+B |
ipsec ipsecConfig active <YesNo> | Turns the IPSec rule on or off. | R+B |
ipsec ipsecConfig saIndex <index> | Binds the IPSec rule with the specified IKE rule. | R+B |
ipsec ipsecConfig multiPro <YesNo> | Enables the multiple proposal. | R+B |
ipsec ipsecConfig nailUp <YesNo> | Enables the | R+B |
ipsec ipsecConfig activeProtocol | Sets the active protocol. | R+B |
<0:AH1:ESP> |
|
|
ipsec ipsecConfig encryAlgo | Sets the phase 2 encryption algorithm. | R+B |
<0:Null1:DES 2:3DES3:AES> |
|
|
ipsec ipsecConfig encryKeyLen | Sets the phase 2 encryption key length. | R+B |
<0:1281:1922:256> |
|
|
ipsec ipsecConfig authAlgo | Sets the phase 2 authentication algorithm. | R+B |
<0:MD51:SHA1> |
|
|
ipsec ipsecConfig saLifeTime | Sets the phase 2 IPSec SA life time. | R+B |
<seconds> |
|
|
ipsec ipsecConfig encap | Sets the phase 2 encapsulation mode. | R+B |
<0:Tunnel1:Transport> |
|
|
ipsec ipsecConfig pfs | Sets the Perfect Forward Secrecy group for phase | R+B |
<0:None1:DH12:DH2> | 2. |
|
ipsec ipsecConfig antiReplay <YesNo> | Enables or disables replay detection. | R+B |
ipsec ipsecConfig controlPing | Enables or disables the IPSec tunnel connectivity | R+B |
<YesNo> | check. |
|
ipsec ipsecConfig logControlPing | Enables or disables logging for the ping check | R+B |
<YesNo> | events including pings sent and responses. |
|
ipsec ipsecConfig controlPingAddr | Sets the destination address for ping check. | R+B |
|
| |
ipsec ipsecConfig protocol | Sets the traffic protocol that can trigger the VPN | R+B |
<1:ICMP6:TCP17:UDP> | tunnel and be forwarded through it. |
|
ipsec ipsecConfig lcAddrType | Sets the address type for the local network. | R+B |
<0:single1:range2:subnet> |
|
|
ipsec ipsecConfig lcAddrStart <ip- | Sets the local network starting IP address. | R+B |
address> |
|
|
ipsec ipsecConfig lcAddrEndMask <ip- | Sets the local network ending IP address for a | R+B |
range or the subnet mask for a subnet. |
|
124 |
| |
ZyWALL (ZyNOS) CLI Reference Guide |
| |
|
|
|